Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU
  • Home
  • GIAC
  • GSNA: GIAC Systems and Network Auditor

GIAC Systems and Network Auditor Exam

Certification Provider: GIAC
Exam Name: GIAC Systems and Network Auditor
Duration: 180 Minutes
Number of questions in our database: 416
Exam Version: Apr. 08, 2024
Exam Official Topics:
  • Topic 1: Demonstrate the ability to audit Windows systems using common techniques/ Auditing Concepts & Methodology
  • Topic 2: Knowledge of basic auditing terms and concepts/ Demonstrate the ability to audit web applications
  • Topic 3: Scripting commands to determine process information, access controls, and system configurations/ Risk assessment are used to identify and specify controls
  • Topic 4: Configuration, authentication, session management, data security at rest and in transit, and vulnerabilities to common attacks/ Auditing Windows Systems
  • Topic 5: Demonstrate familiarity with the audit process, baselines, time based security concepts/ Auditing Networking Devices & Services
  • Topic 6: Demonstrate the ability to audit common network devices and services/ Demonstrate the ability to audit Unix systems using common techniques
Disscuss GIAC GIAC Systems and Network Auditor Topics, Questions or Ask Anything Related

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!

Free GIAC GIAC Systems and Network Auditor Exam Actual Questions

The questions for GIAC Systems and Network Auditor were last updated On Apr. 08, 2024

Question #1

Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?

Reveal Solution Hide Solution
Correct Answer: C

A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate

read and write access with Windows NT/2000 and read-access with Windows XP and 2003.

The command to be inserted at the DOS-prompt is as follows:

net use \\IP address_or_host name\ipc$ '' '/user:'

net use

Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.


Question #2

A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name. Which of the following are true about the naming conventions of Cisco Router interfaces?

Each correct answer represents a complete solution. Choose all that apply.

Reveal Solution Hide Solution
Correct Answer: A, B, C

A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name.

Following are some of the naming conventions of Cisco Router interfaces:

An Ethernet interface that is fast always starts with an F.

An interface connected to a serial connection always starts with an S.

An interface connected to an Ethernet segment of the network always starts with an E.

An interface connected to a Token Ring segment always starts with To.


Question #3

You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to identify the secure terminals from where the root can be allowed to log in. Which of the following Unix configuration files can you use to accomplish the task?

Reveal Solution Hide Solution
Correct Answer: D

In Unix, the /etc/securetty file is used to identify the secure terminals from where the root can be allowed to log in.

Answer B is incorrect. In Unix, the /etc/ioports file shows which I/O ports are in use at the moment.

Answer A is incorrect. In Unix, the /etc/services file is the configuration file that lists the network services that the system supports.

Answer C is incorrect. In Unix, the /proc/interrupts file is the configuration file that shows the interrupts in use and how many of each

there has been.


Question #4

An attacker wants to connect directly to an unsecured station to circumvent the AP security or to attack the station. Which of the following

tools can be used to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

Reveal Solution Hide Solution
Correct Answer: A, D

Ad Hoc Association is a type of attack in which an attacker tries to connect directly to an unsecured station to circumvent the AP security or to

attack the station. Any wireless card or USB adapter can be used to perform this attack.

Answer B and C are incorrect. The MacChanger and SirMACsAlot tools are used to perform MAC spoofing attacks.


Question #5

You work as a Network Administrator for Tech Perfect Inc. For security issues, the company requires you to harden its routers. You therefore

write the following code:

Router#config terminal

Router(config) #no ip bootp server

Router(config) #no ip name-server

Router(config) #no ntp server

Router(config) #no snmp server

Router(config) #no ip http server

Router(config) #^Z

Router#

What services will be disabled by using this configuration fragment?

Each correct answer represents a complete solution. Choose all that apply.

Reveal Solution Hide Solution
Correct Answer: A, D

The above configuration fragment will disable the following services from the router:

The BootP service

The DNS function

The Network Time Protocol

The Simple Network Management Protocol

Hyper Text Transfer Protocol


Explore Other GIAC Exams

Unlock all GIAC Systems and Network Auditor Exam Questions with Advanced Practice Test Features:
  • Select Question Types you want
  • Set your Desired Pass Percentage
  • Allocate Time (Hours : Minutes)
  • Create Multiple Practice tests with Limited Questions
  • Customer Support
Get Full Access Now

Save Cancel